Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
25 Dec 2017
13 Jan 2010
How to fix?
org.apache.axis2:axis2 to version 1.7.4 or higher.
org.apache.axis2:axis2 is a Web Services / SOAP / WSDL engine, the successor to the widely used Apache Axis SOAP stack.
Affected versions of this package are vulnerable to Session Fixation in the administrative interface at the path
/axis2/axis2-admin. Attacker can exploit this flaw by doing a Cross-Site Scripting (XSS) attack and get his Session cookie and perform session hijacking attack.